Skip to content

Commit 2992ae0

Browse files
jvazquez-r7jvazquez-r7
committed
Land Code to handle kerberos error codes
2 parents 05a9ec0 + d148848 commit 2992ae0

File tree

2 files changed

+66
-0
lines changed

2 files changed

+66
-0
lines changed

lib/rex/proto/kerberos/model.rb

Lines changed: 51 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,57 @@ module Model
1717
AUTHENTICATOR = 2
1818
AP_REQ = 14
1919

20+
# Kerberos error codes
21+
ERROR_CODES = {
22+
0 => ['KDC_ERR_NONE', 'No error'],
23+
1 => ['KDC_ERR_NAME_EXP', 'Client\'s entry in database has expired'],
24+
2 => ['KDC_ERR_SERVICE_EXP', 'Server\'s entry in database has expired'],
25+
3 => ['KDC_ERR_BAD_PVNO', 'Requested protocol version number not supported'],
26+
4 => ['KDC_ERR_C_OLD_MAST_KVNO', 'Client\'s key encrypted in old master key'],
27+
5 => ['KDC_ERR_S_OLD_MAST_KVNO', 'Server\'s key encrypted in old master key'],
28+
6 => ['KDC_ERR_C_PRINCIPAL_UNKNOWN', 'Client not found in Kerberos database'],
29+
7 => ['KDC_ERR_S_PRINCIPAL_UNKNOWN', 'Server not found in Kerberos database'],
30+
8 => ['KDC_ERR_PRINCIPAL_NOT_UNIQUE', 'Multiple principal entries in database'],
31+
9 => ['KDC_ERR_NULL_KEY', 'The client or server has a null key'],
32+
10 => ['KDC_ERR_CANNOT_POSTDATE', 'Ticket not eligible for postdating'],
33+
11 => ['KDC_ERR_NEVER_VALID', 'Requested start time is later than end time'],
34+
12 => ['KDC_ERR_POLICY', 'KDC policy rejects request'],
35+
13 => ['KDC_ERR_BADOPTION', 'KDC cannot accommodate requested option'],
36+
14 => ['KDC_ERR_ETYPE_NOSUPP', 'KDC has no support for encryption type'],
37+
15 => ['KDC_ERR_SUMTYPE_NOSUPP', 'KDC has no support for checksum type'],
38+
16 => ['KDC_ERR_PADATA_TYPE_NOSUPP', 'KDC has no support for padata type'],
39+
17 => ['KDC_ERR_TRTYPE_NOSUPP', 'KDC has no support for transited type'],
40+
18 => ['KDC_ERR_CLIENT_REVOKED', 'Clients credentials have been revoked'],
41+
19 => ['KDC_ERR_SERVICE_REVOKED', 'Credentials for server have been revoked'],
42+
20 => ['KDC_ERR_TGT_REVOKED', 'TGT has been revoked'],
43+
21 => ['KDC_ERR_CLIENT_NOTYET', 'Client not yet valid - try again later'],
44+
22 => ['KDC_ERR_SERVICE_NOTYET', 'Server not yet valid - try again later'],
45+
23 => ['KDC_ERR_KEY_EXPIRED', 'Password has expired - change password to reset'],
46+
24 => ['KDC_ERR_PREAUTH_FAILED', 'Pre-authentication information was invalid'],
47+
25 => ['KDC_ERR_PREAUTH_REQUIRED', 'Additional pre-authentication required'],
48+
31 => ['KRB_AP_ERR_BAD_INTEGRITY', 'Integrity check on decrypted field failed'],
49+
32 => ['KRB_AP_ERR_TKT_EXPIRED', 'Ticket expired'],
50+
33 => ['KRB_AP_ERR_TKT_NYV', 'Ticket not yet valid'],
51+
34 => ['KRB_AP_ERR_REPEAT', 'Request is a replay'],
52+
35 => ['KRB_AP_ERR_NOT_US', 'The ticket isn\'t for us'],
53+
36 => ['KRB_AP_ERR_BADMATCH', 'Ticket and authenticator don\'t match'],
54+
37 => ['KRB_AP_ERR_SKEW', 'Clock skew too great'],
55+
38 => ['KRB_AP_ERR_BADADDR', 'Incorrect net address'],
56+
39 => ['KRB_AP_ERR_BADVERSION', 'Protocol version mismatch'],
57+
40 => ['KRB_AP_ERR_MSG_TYPE', 'Invalid msg type'],
58+
41 => ['KRB_AP_ERR_MODIFIED', 'Message stream modified'],
59+
42 => ['KRB_AP_ERR_BADORDER', 'Message out of order'],
60+
44 => ['KRB_AP_ERR_BADKEYVER', 'Specified version of key is not available'],
61+
45 => ['KRB_AP_ERR_NOKEY', 'Service key not available'],
62+
46 => ['KRB_AP_ERR_MUT_FAIL', 'Mutual authentication failed'],
63+
47 => ['KRB_AP_ERR_BADDIRECTION', 'Incorrect message direction'],
64+
48 => ['KRB_AP_ERR_METHOD', 'Alternative authentication method required'],
65+
49 => ['KRB_AP_ERR_BADSEQ', 'Incorrect sequence number in message'],
66+
50 => ['KRB_AP_ERR_INAPP_CKSUM', 'Inappropriate type of checksum in message'],
67+
60 => ['KRB_ERR_GENERIC', 'Generic error'],
68+
61 => ['KRB_ERR_FIELD_TOOLONG', 'Field is too long for this implementation']
69+
}
70+
2071
KDC_OPTION_RESERVED = 0
2172
KDC_OPTION_FORWARDABLE = 1
2273
KDC_OPTION_FORWARDED = 2

modules/auxiliary/admin/kerberos/ms14_068_kerberos_checksum.rb

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -84,6 +84,7 @@ def run
8484
)
8585

8686
unless res.msg_type == Rex::Proto::Kerberos::Model::AS_REP
87+
vprint_warning("#{peer} - #{warn_error(res)}") if res.msg_type == Rex::Proto::Kerberos::Model::KRB_ERROR
8788
print_error("#{peer} - Invalid AS-REP, aborting...")
8889
return
8990
end
@@ -132,6 +133,7 @@ def run
132133
)
133134

134135
unless res.msg_type == Rex::Proto::Kerberos::Model::TGS_REP
136+
vprint_warning("#{peer} - #{warn_error(res)}") if res.msg_type == Rex::Proto::Kerberos::Model::KRB_ERROR
135137
print_error("#{peer} - Invalid TGS-REP, aborting...")
136138
return
137139
end
@@ -143,5 +145,18 @@ def run
143145
path = store_loot('windows.kerberos', 'application/octet-stream', rhost, cache.encode)
144146
print_good("#{peer} - MIT Credential Cache saved on #{path}")
145147
end
148+
149+
def warn_error(res)
150+
msg = ''
151+
152+
if Rex::Proto::Kerberos::Model::ERROR_CODES.has_key?(res.error_code)
153+
error_info = Rex::Proto::Kerberos::Model::ERROR_CODES[res.error_code]
154+
msg = "#{error_info[0]} - #{error_info[1]}"
155+
else
156+
msg = 'Unknown error'
157+
end
158+
159+
msg
160+
end
146161
end
147162

0 commit comments

Comments
 (0)